package edu.neumont.MillerK.Web.Servlet;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.annotation.Resource;
import javax.persistence.Cache;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.PersistenceUnit;
import javax.persistence.PersistenceUnitUtil;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.metamodel.Metamodel;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.transaction.UserTransaction;

import edu.neumont.MillerK.POJOs.CreateUserException;
import edu.neumont.MillerK.POJOs.LoginException;
import edu.neumont.MillerK.POJOs.Security;
import edu.neumont.MillerK.Web.DBQueries.DBQueries;
import edu.neumont.MillerK.Web.Entities.User;

/**
 * Servlet implementation class LoginServlet
 */
@WebServlet("/Login")
public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
	
	@Resource
	UserTransaction utx;
	
	@PersistenceUnit
	EntityManagerFactory emf;
	
	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		request.getRequestDispatcher("/WEB-INF/views/Login.jsp").forward(request,response);
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		DBQueries dbQueries = new DBQueries(emf, utx);
		Security security = new Security();
		String emailUsername = request.getParameter("username");
		String password = request.getParameter("password");
		try {
			if(!fieldsExist(emailUsername, password)){
				throw new LoginException("Input field doesn't exist...");
			}else{
				User user = dbQueries.getUser(emailUsername);
				if(user == null){
					throw new LoginException("Given Email/Username doesn't exist");
				}else{
					try {
						if(!user.getPassword().equals(security.SHAHash(password + user.getSalt()))){
							throw new LoginException("Give password was incorrect");
						}else{
							request.getSession().setAttribute("currentUser", user);
							response.sendRedirect("Home");
						}
					} catch (NoSuchAlgorithmException e) {
						throw new LoginException("Password hashing problem...");
					}
				}
			}
		} catch (LoginException e) {
			request.setAttribute("error", e.getMessage());
			doGet(request, response);
		}
	}
	
	private boolean fieldsExist(String username, String pass){
		boolean fieldsExist = true;
		if(username == null || pass == null)
			fieldsExist = false;
		return fieldsExist;
	}
}
